Source-Changes-D archive


Re: CVS commit: src/sys/net



In article <20151210081103.E0FBBFB83%cvs.NetBSD.org@localhost>,
Kengo NAKAHARA <source-changes-d%NetBSD.org@localhost> wrote:
>-=-=-=-=-=-
>
>Module Name:	src
>Committed By:	knakahara
>Date:		Thu Dec 10 08:11:03 UTC 2015
>
>Modified Files:
>	src/sys/net: if_gif.c
>
>Log Message:
>kmem_zalloc(, KM_SLEEP) must not return NULL.

I would like to solicit opinions about this change and form a general
policy.

1. I would like to reduce the use of KASSERT in the kernel, especially
in situations like the above where the test can be centralized (inside
kmem_alloc) and avoided without being fatal.

2. Static analyzer models understand allocators, but they are not
smart enough to determine under which situations they can fail. I
believe even kmem_alloc with KM_SLEEP can fail when the size is
large enough.

So I propose to always check the return value of allocators with
an 'if' and not a KASSERT.

christos


